3 Industry Contributors The Internet Services Providers Association (ISPA) is the UK s Trade Association for providers of internet services. With over 200 members, ISPA brings together the UK internet industry to provide essential support through innovation, knowledge and experience in order to benefit the UK economy and society. Promoting collaboration and constructive dialogue between its members and the wider internet community, ISPA is an all-important driving force for the industry. BT is one of the world s leading communications services companies, serving the needs of customers in the UK and in more than 170 countries worldwide. Our main activities are the provision of fixed-line services, broadband, mobile and TV products and services as well as networked IT services. In the UK we are a leading communications services provider, selling products and services to consumers, small and medium sized enterprises and the public sector. Sky is the UK and Ireland s leading home entertainment and communications company. Around 40% of all homes have a direct relationship with Sky through its range of TV, broadband and home telephony services. Sky is the UK s biggest investor in television content, investing more than 2.5 billion a year. Sky is also the UK's fastest-growing home communications company and favourite tripleplay provider of TV, broadband and home phone. TalkTalk is the UK s leading value for money TV, broadband and phone provider with 4 million customers across the UK. TalkTalk operates it s the UK s largest Next Generation Network which covers 95% of UK homes. TalkTalk is one of seven partners behind YouView, the internet-connected TV service, along with the BBC, IVT, BT, Channel 4, Arqiva and Five. YouView launched to UK homes in 2012 and in August 2013 TalkTalk announced it had signed up over 500,000 customers to the service. TalkTalk is also the only provider to provide a whole home parental controls service, HomeSafe, to its customers free of charge. We ve come a long way since making the first ever mobile call in the on 1 January Today, more than 403 million customers around the world choose us to look after their communications needs. In 25 years, a small mobile operator in Newbury has grown into a global business and the seventh most valuable brand in the world. We now operate in more than 30 countries and partner with networks in over 50 more. Virgin is a leading international investment group and one of the world's most recognised and respected brands. Conceived in 1970 by Sir Richard Branson, the Virgin Group has gone on to grow successful businesses in sectors ranging from mobile telephony, travel, financial services, leisure, music, holidays and health & wellness. Virgin employs more than 50,000 people around the world, operating in over 50 countries. Global branded revenues of 15bn ($24bn) in

4 Introduction As part of the UK s Cyber Security Strategy, the UK internet industry and Government recognised the need to co-develop a series of voluntary Guiding Principles to improve the online security of the ISPs customers and limit the rise in cyber attacks. Cyber security for these purposes encompasses the protection of information, processes, and systems, connected or stored online, and takes a broad view across the technical, people, and physical domains. These Guiding Principles recognise that the ISPs (and other service providers), internet users, and UK Government all have a role in minimising and mitigating the cyber threats inherent in using the internet. While the internet offers considerable social and economic benefits by enabling open communication and open exchanges of information, there is a risk that our data and infrastructure could become compromised or damaged. The impact of this is already being felt, and will be felt even more as our reliance on the internet grows. The Guiding Principles have been developed to respond to this challenge by providing a consistent and best practice approach to help inform, educate, and protect ISPs customers from online threats. They are aspirational, developed and delivered as a partnership between Government and ISPs. They recognise that ISPs have different sets of customers, offer different levels of support and services to protect those customers from cyber threats, and have different business models based on their commercial offerings. The Guiding Principles represent a series of principles that all ISP signatories, in partnership with Government, should be aspiring to reach as a minimum. The Guiding Principles build on, and compliment, existing sources of internet safety advice and guidance, for both businesses and consumers, and will continue to consider and learn from similar initiatives that have been developed overseas; and will sit alongside separate initiatives, for example those in relation to the protection of children online. We will implement the Guiding Principles through a partnership between the UK internet industry, Government, relevant independent bodies, such as Get Safe Online, within existing legal frameworks and respecting customer privacy, and against the backdrop of relevant international commitments around internet safety and cyber security. They cover the following three areas: Section 1: ISPs activities to help their customers protect themselves from cyber threats. Section 2: Government activities to help protect consumers and businesses from cyber threats. Section 3: Government and ISP activities in partnership to help protect consumers and businesses from cyber threats. Section 1 - Internet Service Providers 4

5 1.a Awareness and Education: Recognising that raising customer awareness of cyber security issues and education on how to manage them is central to engaging customers to practise safe online behaviour, ISPs will: Provide either their own education and awareness information and/or sign post to information elsewhere (e.g. Get Safe Online and national campaigns) in a clear and accessible place, such as on their websites, so that customers understand: - what basic online threats exist, - the symptoms they may experience from them, - how to spot potential problems with their computer or account, - how to fix problems, - how they can report crimes through Action Fraud. Seek to partner with other industry sectors to raise awareness amongst internet users of the importance and benefits of behaving safely online. 1.b Customer Offering: To assist and empower customers to protect themselves from online threats, ISPs will offer tools and/or advice on security solutions and indicate from where solutions can be accessed. Solutions offered could include some of the following features: Anti-virus software Anti-spyware Anti-spam Malware protection Firewall provision Advice on the back-up of data Identity protection Safe search and social networking protection 1.c Reporting Mechanisms: To minimise the impact that cyber security threats have on their customers, ISPs will: Provide clear information on their websites and/or via their usual customer communication channels, about how customers and other Internet users can report compromises or threats. Have processes in place to escalate credible reports to facilitate risk mitigation. Notify their customers if they have their contact details, and in line with company policy, when they become aware of particularly unusual or novel behaviour which indicates potential compromise to a customer s computer or account. Section 2 - Government 5

6 Government published its Cyber Security Strategy in November 2011 which can be viewed at https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/ukcyber-security-strategy-final.pdf. This outlined a number of objectives to improve the cyber security of the UK, including public and business awareness and protection. Through this, we have committed to undertake the following key actions: We will work to educate and raise awareness amongst businesses of the importance of effective cyber risk management and mitigating cyber threats. Government launched its Cyber Security Guidance for Business in September 2012, targeted at FTSE100 companies, and BIS launched its Small Business Guidance for Cyber Security in April We will provide advice on cyber security. Get Safe Online, a joint public and private sector initiative, provides unbiased advice for consumers and businesses to protect themselves online and raises awareness of the importance of effective cyber security. An upcoming cyber security awareness-raising campaign, to be delivered by the Government and private sector will also be delivered across a range of media, targeted at consumers and SMEs to raise their awareness of cyber security. We launched in October 2013 the National Crime Agency (NCA) which includes a national cyber crime capability to deal with the most serious cyber crimes. The NCA will also support police forces across England and Wales to drive up wider national capabilities on cyber crime, including through shaping the training for mainstream policing. We will increase the security of Government Online Services. Government has rolled out an advisory tool across the.gov.uk website and sections of the HMRC website which advises users that their internet browsers are out-of-date. Users can link to advice that is easy to understand, on what risks this poses and how they can update their browser. This initiative is being carried out in conjunction with Get Safe Online. We will work with education providers to develop teaching resources and cyber security learning materials to introduce younger internet users to the importance of using the internet safely and sensibly. 6

7 Section 3 Government and Internet Service Providers Section 1 and 2 of this document outline the activities that the ISPs and UK Government will undertake to help customers better protect themselves from cyber threats. This section captures new areas where UK Government and ISPs will work together on cyber security, and how the ongoing partnership that underpins this activity will be governed. 3.a Areas for joint working between Government and ISPs on Cyber Security: Members of the partnership will work together to explore a number of issues, these include: Law Enforcement Agencies/ISP information sharing and action regarding identified risks and wider cooperation. Partnering between Government and the internet industry to raise awareness amongst customers of the importance and benefits of behaving safely online. ISPs to explore reviewing themselves against the 10 Steps to Cyber Security as appropriate to its business. Investigate potential ways in which issues can be brought to the attention of customers. 3.b Ongoing partnership and Governance: Members of the partnership will meet on a quarterly basis, drawing in other Government and internet industry stakeholders as required, to implement these Guiding Principles and explore other issues for potential joint working. BIS will continue to lead in drawing this partnership together, in close coordination with the Home Office, OCSIA, the ISPs, and the Internet Service Providers Association. This partnership will regularly review its progress against the activities outlined in this document. The Guiding Principles are a strategic objective in the UK s Cyber Security Strategy and so this partnership will provide an annual progress report to the OCSIA-led National Cyber Security Programme. 7

8 Crown copyright 2013 You may re-use this information (not including logos) free of charge in any format or medium, under the terms of the Open Government Licence. Visit write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or This publication is also available on our website at Any enquiries regarding this publication should be sent to: Department for Business, Innovation and Skills 1 Victoria Street London SW1H 0ET Tel: If you require this publication in an alternative format, or call BIS/13/1327

Small businesses: What you need to know about cyber security March 2015 Contents page What you need to know about cyber security... 3 Why you need to know about cyber security... 4 Getting the basics right...

Small businesses: What you need to know about cyber security Contents Why you need to know about cyber security... 3 Understanding the risks to your business... 4 How you can manage the risks... 5 Planning

Industrial Strategy: government and industry in partnership UK Government Information Economy Strategy A Call for Views and Evidence February 2013 Contents Overview of Industrial Strategy... 3 How to respond...

SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes

Department for Business, Innovation and Skills: equality objectives Achievements Externally, we have: Implemented a framework to ensure the widest possible access to HE Completed the first stage of the

A GUIDE TO LEGAL FORMS FOR BUSINESS NOVEMBER 2011 Guide to Legal Forms Unincorporated legal forms: The distinguishing feature of unincorporated forms is that they have no separate legal personality. There

Cyber Essentials Scheme Requirements for basic technical protection from cyber attacks June 2014 December 2013 Contents Contents... 2 Introduction... 3 Who should use this document?... 3 What can these

July 2013 Foreword In the Autumn Statement 2012 Government announced that it would introduce a package of measures to improve the way regulation is delivered at the frontline such as the Focus on Enforcement

Company Investigations What we do. What we do Company Investigations has the power to investigate limited companies where information we receive suggests corporate abuse; this may include serious misconduct,

OPENNESS TO TRADE: exports plus imports as a share of GDP, ranked against major competitors Contents Contents... 1 Openness to trade: exports plus imports as a share of GDP, ranked against major competitors...

BACKING SMALL BUSINESS NOVEMBER 2010 Introduction The Government has laid out a decisive plan to reduce the deficit and to restore confidence in the UK economy. Providing macroeconomic and financial stability

A GUIDE TO LEGAL FORMS FOR SOCIAL ENTERPRISE NOVEMBER 2011 A Guide to Legal Forms for Social Enterprise Definition of a Social Enterprise The term Social Enterprise describes the purpose of a business,

The public transport ticketing schemes block exemption Consultation document 13 April 2016 CMA53con Crown copyright 2016 You may reuse this information (not including logos) free of charge in any format

Access Fund for Sustainable Travel Guidance on Bidding Moving Britain Ahead July 2016 The Department for Transport has actively considered the needs of blind and partially sighted people in accessing this

Electricity Market Reform Eligibility for an exemption from the costs of Contracts for Difference updated cost estimates AUGUST 2013 1. In examining the consultation currently open on eligibility for an

www.gov.uk/defra Consultation on proposed measures to implement elements of EU regulation 1257/2013 on ship recycling relating to the authorisation of UK ship recycling facilities Summary of response and

Insolvent Company Investigations What we do 1 Contents Introduction... 3 What can directors of insolvent companies do?... 4 What is unfit conduct?... 4 The law... 5 What can we investigate?... 5 Who can

Public Service Broadcasting in the Internet Age Ofcom s third review of Public Service Broadcasting Concise summary Publication date: July 2015 1 Concise summary Introduction This document is a brief high-level

TIME OFF TO ACCOMPANY A PREGNANT WOMAN TO ANTE- NATAL APPOINTMENTS Employer guide SEPTEMBER 2014 Contents TIME OFF TO ACCOMPANY A PREGNANT WOMAN TO ANTE-NATAL APPOINTMENTS... 1 Frequently Asked Questions...

CONTRACTS FOR DIFFERENCE Consultation on Changes to the Non-Delivery Disincentive for CFD Allocation May 2016 CONTRACTS FOR DIFFERENCE Consultation on Changes to the Non-Delivery Disincentive for CFD Allocation

CYBER SECURITY A Guide to Programmes and Resources for Schools & Further Education March 2015 A Guide to Cyber Security Programmes and Resources for Schools and Further Education Providers Cyber security

A plain English guide to the 2015-16 local government finance settlement December 2014 Department for Communities and Local Government Crown copyright, 2014 Copyright in the typographical arrangement rests

www.defra.gov.uk Responsibility Deal between the UK, Scottish and Welsh Governments and the direct marketing sector November 2011 Crown copyright 2011 You may re-use this information (not including logos)

Analysis of Employee Contracts that do not Guarantee a Minimum Number of Hours Coverage: GB Date: 30 April 2014 Geographical Area: GB Theme: Labour Market 1. Summary There is no legal definition of zero-hours

ISA qualifying investments: consultation on including shares traded on small and medium-sized enterprise equity markets March 2013 ISA qualifying investments: consultation on including shares traded on

Integrating the operation of income tax and National Insurance contributions A call for evidence July 2011 Integrating the operation of income tax and National Insurance contributions A call for evidence

Memorandum of understanding: secure children s homes The Chief Inspector s support for the Secretary of State s functions with regard to secure children s homes Published: April 2012 Reference no: 120071

HIGHER EDUCATION Consultation on potential early repayment mechanisms for student loans JUNE 2011 Contents Student finance reforms...3 Why we are consulting on early repayment mechanisms...3 The existing

CONVENTION ON INTERNATIONAL INTERESTS IN MOBILE EQUIPMENT AND PROTOCOL THERETO ON MATTERS SPECIFIC TO AIRCRAFT EQUIPMENT Government Response to the Call for Evidence DECEMBER 2013 Contents Contents...2

Business rates retention and the local government finance settlement A plain English guide February 2013 Department for Communities and Local Government Crown copyright, 2013 Copyright in the typographical

Tobacco levy: consultation December 2014 Tobacco levy: consultation December 2014 Crown copyright 2014 This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise

Changes to disclosure and barring: What you need to know 2 Changes to disclosure and barring: what you need to know What is the purpose of this leaflet? This leaflet tells you about important changes which

Call for information Online reviews and endorsements February 2015 CMA41con Crown copyright 2015 You may reuse this information (not including logos) free of charge in any format or medium, under the terms

Employee ownership and share buy backs consultation: Response form The Department may, in accordance with the Code of Practice on Access to Government Information, make available, on public request, individual

Industrial Strategy: government and industry in partnership Driving success a strategy for growth and sustainability in the UK automotive sector Summary July 2013 SUMMARY DRIVING SUCCESS 1 The UK automotive

Prioritisation principles for the CMA April 2014 C M A 16 Crown copyright 2014 You may reuse this information (not including logos) free of charge in any format or medium, under the terms of the Open Government

Investing in renewable technologies CfD contract terms and strike prices December 2013 Crown copyright 2013 You may re-use this information (not including logos) free of charge in any format or medium,

Help to Buy (Equity Loan scheme) and Help to Buy: NewBuy statistics: Data to 30 September 2015, England In the first 30 months of the Help to Buy: Equity Loan scheme (to 30 September 2015), 62,569 properties

Self-employed up 367,000 in Four Years, Mostly Since 2011 Coverage: UK Date: 06 February 2013 Geographical Area: UK Theme: Labour Market Key points The key points are: The number of workers who are self-employed

Population Ageing in the United Kingdom, its Constituent Countries and the European Union Coverage: International Date: 02 March 2012 Geographical Area: UK and GB Theme: Population Foreword This report

THE HIGH SPEED RAIL COLLEGE Consultation on possible location of main site MARCH 2014 Contents Contents...2 The high speed rail college: consultation on possible location of main site...3 1. Introduction...4

The UK Cyber Security Strategy Report on progress December 2012 Forward Plans We are at the end of the first year of meeting the objectives outlined in the National Cyber Security Strategy. A great deal

Transparency in Social Housing Assets Value Consultation July 2014 Department for Communities and Local Government Crown copyright, 2014 Copyright in the typographical arrangement rests with the Crown.

Heat Networks Delivery Unit HNDU Round 6: Overview April 2016 Crown copyright 2016 URN 16D/056 You may re-use this information (not including logos) free of charge in any format or medium, under the terms

Firefighter fitness standards and assessment Consultation response December 2014 Department for Communities and Local Government Crown copyright, 2014 Copyright in the typographical arrangement rests with

Solutions for Business Government Funded Business Support: A Guide for Business Contents Introduction Page 3 Collaborative Research and Development Page 4 Designing Demand Page 5 Finance for Business Page

What Works: evidence centres for social policy March 2013 Cabinet Office 25 Great Smith Street London SW1P 3BQ Publication date: March 2013 Crown copyright 2013 You may re-use this information (not including

TECHNICAL AND PROFESSIONAL EDUCATION REFORM Further Education Maintenance Loans MARCH 2016 Contents 1. Foreword from Nick Boles, Minister of State for Skills... 3 2. Executive Summary... 4 3. How to respond,

Draft Strategic Guidance to the Institute for Apprenticeships Government consultation Launch date 4 January 2017 Respond by 31 January 2017 Contents Introduction 3 Who this is for 3 Issue date 3 Enquiries

Young People in the Labour Market, 2014 Coverage: UK Date: 05 March 2014 Geographical Area: Local Authority and County Theme: Labour Market Young People in the Labour Market The number of people aged 16

Agenda Item No. 5 COMMUNITY OUTCOMES MEETING SUBJECT: CYBER CRIME 4 August 2015 Report of the Chief Constable PURPOSE OF THE REPORT 1. This report outlines the Force s current position in relation to the

Help to Buy (Equity Loan scheme) and Help to Buy: NewBuy statistics: Data to 31 March 2014, England In the first twelve months of the Help to Buy: Equity Loan scheme (to 31 March), 19,394 properties were

Help to Buy: mortgage guarantee scheme outline March 2013 Help to Buy: mortgage guarantee scheme outline March 2013 Crown copyright 2013 You may re-use this information (not including logos) free of charge

CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to

To ensure the functioning of the site, we use cookies. We share information about your activities on the site with our partners and Google partners: social networks and companies engaged in advertising and web analytics. For more information, see the Privacy Policy and Google Privacy &amp Terms.
Your consent to our cookies if you continue to use this website.